Asus GigaX2024SX User Manual


1. Generate a Host Key Pair – On the SSH Host Key Settings page, create a host
public/private key pair.

2. Provide Host Public Key to Clients – Many SSH client programs automatically
import the host public key during the initial connection setup with the switch.
Otherwise, you need to manually create a known hosts file on the management
station and place the host public key in it. An entry for a public key in the known
hosts file would appear similar to the following example:

10.1.0.54 1024 35 1568499540186766925933394677505461732
531367489083654725415020245593199868544358361651999923329781766065830956
1082591321289023376546801726272571413428762941301196195566782
5956641048695742788814620651941746772984865468615717739390164779
3559423035774130980227370877945452408397175264635805817671670957
4804776117

3. Import Client’s Public Key to the Switch – Use the copy tftp public-key
command (page 4-60) to copy a file containing the public keys for all the SSH
clients granted management access to the switch. (Note that these clients
must be configured locally on the switch via the User Accounts page as
described on page 3-31.) The clients are subsequently authenticated using
these keys. The current firmware only accepts public key files based on
standard UNIX format as shown in the following example:

1024 35 1341081685609893921040944920155425347631641921872958921143
1738800555361616310517759408386863110929123222682851925437460310
0937187721199696317813662774141689851320491172048303392543241016
3799759237144901193800609025394840848271781943722884025331159521
348610229029789827213532671 31629432532818915045306393916643
[email protected]

4. Set the Optional Parameters – On the SSH Settings page, configure the
optional parameters, including the authentication timeout, the number of retries,
and the server key size.
5. Enable SSH Service – On the SSH Settings page, enable the SSH server on
the switch.
6. Challenge-Response Authentication – When an SSH client attempts to contact
the switch, the SSH server uses the host key pair to negotiate a session key
and encryption method. Only clients that have a private key corresponding to
the public keys stored on the switch can access it. The following exchanges take
place during this process:
a. The client sends its public key to the switch.
b. The switch compares the client's public key to those stored in memory.
c. If a match is found, the switch uses the public key to encrypt a random
sequence of bytes, and sends this string to the client.
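Added example (not part of the manual): a Python check that can be run on the management station against entries in the key layout shown in steps 2 and 3, before a key file is copied to the switch or a line is placed in a known hosts file. The field-by-field layout, the 1024-bit minimum, the function name and the sample values are assumptions made for this example.

```python
# Assumed layout, inferred from the manual's examples:
#   public key file:   <bits> <exponent> <modulus> [comment]
#   known hosts entry: <host> <bits> <exponent> <modulus> [comment]

MIN_BITS = 1024    # assumed local policy, matching the size in the manual's example
MAX_DIGITS = 2500  # refuse absurdly long numeric fields before converting them


def check_key_line(line, known_hosts=False, min_bits=MIN_BITS):
    """Return (parsed, problems); parsed is None when the line cannot be read."""
    fields = line.split()
    host = fields.pop(0) if known_hosts and fields else None
    numeric = fields[:3]
    if len(numeric) < 3 or not all(
        f.isascii() and f.isdigit() and len(f) <= MAX_DIGITS for f in numeric
    ):
        # Also catches entries whose separating spaces were lost in transfer.
        return None, ["expected decimal <bits> <exponent> <modulus>"]
    bits, exponent, modulus = (int(f) for f in numeric)
    problems = []
    if modulus.bit_length() != bits:
        problems.append(f"declared {bits} bits, modulus has {modulus.bit_length()}")
    if bits < min_bits:
        problems.append(f"key shorter than {min_bits} bits")
    if modulus % 2 == 0:
        problems.append("even modulus cannot be an RSA modulus")
    if exponent < 3 or exponent % 2 == 0:
        problems.append("exponent must be odd and at least 3")
    parsed = {"host": host, "bits": bits, "exponent": exponent,
              "comment": " ".join(fields[3:])}
    return parsed, problems


# Constructed sample values (placeholders, not real keys).
SAMPLE_MODULUS = (1 << 1023) | 1  # odd and exactly 1024 bits long
GOOD_CLIENT = f"1024 35 {SAMPLE_MODULUS} admin@mgmt-station"
GOOD_HOST = f"10.1.0.54 1024 35 {SAMPLE_MODULUS}"
TRUNCATED = f"1024 35 {str(SAMPLE_MODULUS)[:-40]} admin@mgmt-station"
RUN_TOGETHER = f"102435{SAMPLE_MODULUS}"  # field separators lost

if __name__ == "__main__":
    for text, kh in [(GOOD_CLIENT, False), (GOOD_HOST, True),
                     (TRUNCATED, False), (RUN_TOGETHER, False)]:
        parsed, problems = check_key_line(text, known_hosts=kh)
        print("OK" if parsed and not problems else "REJECT", problems)
```

A key whose digits were truncated or whose field separators were lost in transfer is rejected here rather than silently failing to match at login.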
